package com.alex.security.config;

import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {


    @Override
    protected void configure(HttpSecurity http) throws Exception {
        /*super.configure(http);*/

        // 禁用跨域保护
        http.csrf().disable();

        // 定制请求的授权规则
        http.authorizeRequests()
                .antMatchers("/").permitAll()
                .antMatchers("/login").permitAll()
                .antMatchers("/level1/**").hasRole("VIP1")
                .antMatchers("/level2/**").hasRole("VIP2")
                .antMatchers("/level3/**").hasRole("VIP3");

        // 开启自动配置的登录功能
        // 没有权限并且没有登录会跳转到登录页面
        // 系统已经为我们提供了一个预定义的 login 和 logout 页面, 可以不必自己编写
//        http.formLogin();

        // 使用自定义的 登录页面
        http.formLogin()
                .loginPage("/userlogin")
                .usernameParameter("user")
                .passwordParameter("pwd");

        // 使用自定义的 登录页面
//        http.formLogin()
//                .loginPage("/userlogin")
//                .loginProcessingUrl("/login")
//                .usernameParameter("username")
//                .passwordParameter("password")
//                .defaultSuccessUrl("/index");

        // 开启自动配置的退出功能
        http.logout();
        http.logout().logoutSuccessUrl("/");

        // 开启自动配置的记住我功能(cookie)
//        http.rememberMe();

        // remeberme 自定义
        http.rememberMe()
                .rememberMeParameter("remember")
                .rememberMeCookieName("kongfu_alex");
    }

//    @Override
//    public void configure(WebSecurity web) {
//        //将项目中静态资源路径开放出来
//        web.ignoring().antMatchers("/config/**", "/css/**", "/fonts/**", "/img/**", "/js/**");
//    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        super.configure(auth);
        // 权限信息正常应该从数据库读取
        auth.inMemoryAuthentication().passwordEncoder(passwordEncoder())
                .withUser("alex").password(passwordEncoder().encode("123")).roles("VIP1", "VIP2")
                .and().withUser("lucy").password(passwordEncoder().encode("123")).roles("VIP2", "VIP3")
                .and().withUser("jack").password(passwordEncoder().encode("123")).roles("VIP1", "VIP3");

//        User.UserBuilder users = User.withDefaultPasswordEncoder();
//        auth.jdbcAuthentication().passwordEncoder(new BCryptPasswordEncoder())
//                .dataSource(dataSource)
//                .withDefaultSchema()
//                .withUser(users.username("user").password("password").roles("USER"))
//                .withUser(users.username("admin").password("password").roles("USER", "ADMIN"));
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

//    @Bean
//    UserDetailsManager users(DataSource dataSource) {
//        UserDetails user = User.builder()
//                .username("user")
//                .password("{bcrypt}$2a$10$GRLdNijSQMUvl/au9ofL.eDwmoohzzS7.rmNSJZ.0FxO/BTk76klW")
//                .roles("USER")
//                .build();
//        UserDetails admin = User.builder()
//                .username("admin")
//                .password("{bcrypt}$2a$10$GRLdNijSQMUvl/au9ofL.eDwmoohzzS7.rmNSJZ.0FxO/BTk76klW")
//                .roles("USER", "ADMIN")
//                .build();
//        JdbcUserDetailsManager users = new JdbcUserDetailsManager(dataSource);
//        users.createUser(user);
//        users.createUser(admin);
//    }
}
